The captive-portal technique forces the user of an HTTP client on a network to view a special web page (e.g., for authentication purposes) before proceeding to the Internet for normal browsing. Typically, this technique intercepts all packets, regardless of address or port, until the user opens a web browser (such as Internet Explorer or Mozilla Firefox) and tries to access the Internet. At that time, the browser is redirected to a web page which may require authentication. Most Wi-Fi hotspots utilize some form of captive portal, though captive portals can also be used to control wired access (e.g., in apartment houses, hotel rooms, and business centers).
Since the web host's login page itself is presented to the user of the client, the login page is either locally stored in an access gateway that enforces the captive portal or else the server hosting the login page is “whitelisted” via a walled garden to bypass the authentication process.
Captive portals often facilitate the enforcement of payment structures. However, captive portals are becoming increasingly common on free wireless networks where, instead of authenticating a user, captive portals often display a message from the ISP provider along with the terms of use and require the user to agree.
Many captive portals require the user of the client to pass an SSL encrypted login page, after which the client's IP and MAC address are allowed to pass through the access gateway. Consequently, some platforms do not support captive portals, for example, a gaming platform that includes Wi-Fi and a TCP/IP stack but does not include a web browser with HTTPS.
End-to-end monitoring is the process of attempting to access a web server or other Internet device remotely, just as a real end user would, to verify that the server is accessible and functioning properly at all times. This approach can be used instead of, or as a complement to, local monitoring software run by the web or system administrator.